September 28, 2020

Volume X, Number 272

September 25, 2020

Subscribe to Latest Legal News and Analysis

Sharing Cyberthreat Information With Competitors

In this inter-connected world, a cyberthreat to your competitor can quickly become a problem for your own company. Wouldn't it be great if you could share information with each other about cyberthreats, so that you would both be better off in the long run?

"You want to do what with our competitor?" is likely the incredulous question that many compliance officers and in-house lawyers alike will pose when hearing about any sort of proposed collaboration with a competitor. And for good reason. Antitrust laws strictly prohibit companies from collaborating with each other if the result might be anti-competitive--such as raising prices or restricting output.

But what if the companies want to share information about the latest computer virus? Does that violate the antitrust laws? In a recent joint announcement, the federal antitrust enforcers emphasized that the answer is typically "no."

In a joint announcement on April 10, the U.S. Department of Justice (DOJ) and the Federal Trade Commission (FTC) attempted to make clear that the antitrust laws should not be "a roadblock to legitimate cybersecurity information sharing."1 The head of the DOJ Antitrust Division called the announcement an "antitrust no-brainer."

The agencies have long had guidelines regarding collaboration between competitors, which emphasize that collaboration is not necessarily anti-competitive.2 These guidelines take into account the business purpose for the sharing, the type of information shared, and the context in which the sharing takes place. Notably, antitrust concerns can arise regardless of whether companies share information directly, or through a common vehicle like a trade association.

Cyberthreat information is typically very technical in nature. For example, sharing the "threat signature" of potential malware, or the source IP address of a cyber attack, does not likely involve information that could be used for anti-competitive means. In fact, to the contrary, sharing this information can increase economic efficiencies by helping secure our nation’s IT infrastructure.

Many companies routinely share cyberthreat information already.3 Before the announcement by the DOJ and FTC, however, some companies were leery about the antitrust ramifications of such overt exchange of technical information with competitors. The joint announcement by DOJ and the FTC attempted to put those fears to rest.

But the agencies were careful not to grant blanket immunity for such conduct. Indeed, the last part of the announcement is this simple footnote: "Of course, if an information sharing arrangement is being used as a cover to fix prices, allocate markets, or otherwise limit competition, antitrust issues could arise." For this reason, companies would be wise to implement strict procedures governing what sort of information their IT professionals can—and cannot—share with peers at other companies.


1 U.S. DEPT. OF JUSTICE & FED. TRADE COMM’N, ANTITRUST POLICY STATEMENT ON SHARING OF
CYBERSECURITY INFORMATION (2014), available at http://www.justice.gov/atr/public/guidelines/305027.pdf.

U.S. DEPT’ OF JUSTICE & FED. TRADE COMM’N, ANTITRUST GUIDELINES FOR COLLABORATIONS
AMONG COMPETITORS (2000), available at http://www.ftc.gov/os/2000/04/ftcdojguidelines.pdf.

Some industries have established “Information Sharing Analysis Centers” (ISACs) to share cybersecurity
information. See http://www.isaccouncil.org.

Copyright © 2020 Godfrey & Kahn S.C.National Law Review, Volume IV, Number 115

TRENDING LEGAL ANALYSIS


About this Author

Wend Arends Government Attorney
Special Counsel

Wendy Arends is special counsel in the firm’s Madison office where she advises businesses, organizations and trade associations regarding their interactions with local, state and federal government. Her practice focuses on matters involving antitrust and consumer protection, health care, and international trade compliance. Prior to joining Godfrey & Kahn, Wendy practiced for more than four years at a large national law firm in Washington, D.C. where she worked on a variety of complex commercial litigation and regulatory matters.

As a member...

608.284.2659
Kevin J. O'Connor, Litigation Attorney, Godfrey Kahn Law Firm
Shareholder

Kevin O’Connor is chair of the Antitrust and Trade Regulation Practice Group and has offices in both Madison and Milwaukee. He has more than twenty years of experience in antitrust, trade regulation, and consumer litigation and counseling.

Before joining the firm, he served as the Assistant Attorney General in charge of antitrust enforcement and head of the Office of Consumer Protection and Antitrust in the Wisconsin Department of Justice. During his tenure in government, Kevin chaired the National Association of Attorneys General's (NAAG) Multistate Antitrust Task Force. He led multistate working groups litigating cases involving resale price maintenance, insurance boycotts, mergers, price-fixing, complex indirect purchaser litigation and exclusionary practices. He was also lead state counsel in the case brought by 19 states and the US-DOJ against Microsoft. He has also litigated criminal bid-rigging cases in state court. His experience encompasses industries as diverse as health care, high technology and intellectual property, vitamins, electric utilities, cattle dealers, retail distribution, telecommunications and many others. Kevin also prosecuted white collar crime cases involving securities fraud, tax fraud and antitrust violations as an Assistant Attorney General. His extensive experience has proven to be a valuable asset to the firm’s White Collar Defense & Investigations team.

608.284.2600
Eric J. Wilson, White Collar Defense, Attorney, Godfrey Kahn Law Firm
Shareholder

Eric Wilson is a shareholder in the Litigation Practice Group, and a member of the Government Investigations, White Collar & Compliance; International Trade Compliance; and Antitrust Practice Groups. An experienced litigator and trial lawyer, Eric’s practice focuses on complex and sensitive matters where clients demand an attorney with the judgment and expertise to achieve a favorable outcome – regardless of whether that result occurs outside or inside the courtroom.

As a former government prosecutor, Eric has particular experience in...

608-284-2603
Sean Bosak Litigation Attorney
Shareholder

Sean Bosack is a shareholder in the Litigation Practice Group in the Milwaukee office and a member of the Government Investigations, White Collar & Compliance Practice Group. Since joining the firm in 1997, Sean has focused his practice on complex business and corporate civil and criminal litigation. Sean devotes a substantial portion of his practice representing corporations conducting internal investigations involving various forms of fraud and corporate governance issues, and representing corporate and individual clients in white collar criminal matters in industries including...

414.287.9431